Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150.
History

Thu, 16 Jan 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-09T05:00:00

Updated: 2025-01-16T16:14:40.211Z

Reserved: 2001-08-15T00:00:00

Link: CVE-2001-0667

cve-icon Vulnrichment

Updated: 2024-08-08T04:30:06.104Z

cve-icon NVD

Status : Modified

Published: 2001-10-30T05:00:00.000

Modified: 2025-01-16T17:15:09.250

Link: CVE-2001-0667

cve-icon Redhat

No data.